barbican
#0

Description

Barbican is a REST API designed for the secure storage, provisioning and
management of secrets such as passwords and encryption keys. It is aimed at
being useful for all environments, including large ephemeral Clouds

(string)
This is the label for the primary HMAC (keyed-hash message authentication
code) stored in the HSM that is used by Barbican to wrap other HMACs that
are provided to projects.
Note the assocated action 'generate-hmac' is used to create an HMAC when
initialising a system.

(string)
This is the label for the primary MKEK (Master Key Encryption Key) stored
in the HSM that is used by Barbican to wrap other encryption keys that
are provided to projects.
Note the assocated action 'generate-mkek' is used to create an MKEK when
initialising a system.

(string)
Repository from which to install. May be one of the following:
distro (default), ppa:somecustom/ppa, a deb url sources entry,
or a supported Cloud Archive release pocket.
Supported Cloud Archive sources include: cloud:precise-folsom,
cloud:precise-folsom/updates, cloud:precise-folsom/staging,
cloud:precise-folsom/proposed.
Note that updating this setting to a source that is known to
provide a later version of OpenStack will trigger a software
upgrade.

(string)
The hostname or address of the admin endpoints created in the keystone
identity provider.
.
This value will be used for admin endpoints. For example, an
os-admin-hostname set to 'api-admin.example.com' with ssl enabled
will create the following endpoint for neutron-api:
.
https://api-admin.example.com:9696/

(string)
The hostname or address of the internal endpoints created in the keystone
identity provider.
.
This value will be used for internal endpoints. For example, an
os-internal-hostname set to 'api-internal.example.com' with ssl enabled
will create the following endpoint for neutron-api:
.
https://api-internal.example.com:9696/

(string)
The hostname or address of the public endpoints created in the keystone
identity provider.
.
This value will be used for public endpoints. For example, an
os-public-hostname set to 'api-public.example.com' with ssl enabled
will create the following endpoint for neutron-api:
.
https://api-public.example.com:9696/

(boolean)
If True (the default) then the barbcian-worker process won't be fully
functional until an HSM is associated with the charm. The charm will
remain in the blocked state until an HSM is available.

(string)
SSL certificate to install and use for API ports. Setting this value
and ssl_key will enable reverse proxying, point Glance's entry in the
Keystone catalog to use https, and override any certficiate and key
issued by Keystone (if it is configured to do so).

(float)
The CPU core multiplier to use when configuring worker processes. By
default, the number of workers for each daemon is set to twice the number
of CPU cores a service unit has. When deployed in a LXD container, this
default value will be capped to 4 workers unless this configuration
option is set.

Relations
Relations enable services to easily and securely share information with each other.